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(57) Abstract' - ■>,-,-.. • .- . .» .:a..,c. .. . •. , 

In a computer 'network, documents ! a?c prt>duced, the documents" hashed to prodycV a insge^ihtV and the nngeiprihUs encrypted 
to sien the document.-then the document signature is transmitted from the user system to a secure computer system. The secure computer 
system creates a time,stamp- including the document signature and a digital time. The secure system signs the time stamp to verify its 
"origin The time stamp and notary's signature are -transmitted from the secure system to the user s system. The user has access to the 
notary's public key which, is used to determine whether the time stamp is authentic. Then the document is revised, me revised document 
is hashed and the hash is combined with an indication that: the revision is related to the original document. The indication could be a hash 
of the original document, the original document signature, the notary's time stamp for the original document, or the notary s signature for 
the original document. 
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Transmitting revisions with digital signatures. 



FIELD OF THE INVENTION , ,. 

The invention is related to the field of cryptography and more specifically to 
cryptographically timestamping documents to prove their existence at a certain time. 

BACKGROUND OF THE INVENTION 

In many common situations people need to verify that a digital document (i.e. a 
document that is digitally stored in a computer system) existed on a certain date. That is, we 
may need to prove that no one has altered or revised the digital document since a certain date 
such as the alleged creation date or transmittal date of the document. 

One method of providing such proof is known as electronic notarizing.or 
timestamping. A one-way hash of the document is produced, and the hash is encrypted using a 
private key of the owner of the document to form a so called digital signature. The document 
signature is sent to a digital notary or time stamper who combines the digital signature with a 
digital time (digital representation of the time and date) to form a time stamp, hashes - the time 
stamp and. encrypts the time, stamp iiash„using.the..digitaln another 
digital signature called the* tirne^ainp/.signat^ notary sends a certification , 

including.the4nie.st|trr>p an4:the ( Jii^e .stamp .signa^re to.^thA author. Anyone with the notary's 
public key can decrypt thcjime stamp signature and cpmpare the result to a hash of the 
^author's 'signature and time of certification to prove that the author's signature existed when the 
certification was created arid'. that' the server's signature and time of certification were .< 
. originally encrypted together by someone who had access to^the notary's privateke^. ^; T 

Notarizing digital documents is disclosed in U.S. patent 5 3 1363 f 46' i; 1^otarizing 
;by secute hardware in a system is;disclosed in U.S. patent 5,001,752. Public key. cryptography 
is disclosed in "New Directions irk ^Cryptography 1 " by Diffie and Hellman in IEEE Transactions 
• On Information Theory, VoHT-22, November 1976,pp 644^654 and in U.S. .patents 
4,405,829 to Rivest and 4,868,877. One-way hashing is disclosed in "Collision-Free Has 
Functions and Public Key Signature Schemes", Advances in Cryptology - Eurocrypt *87, ' * 
Springer-Verlag, LNCS, 1*988, vol. 304, pp. 203-21 7. , 

The above citations are hereby incorporated in whole by reference! 
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SUMMARY OF THE INVENTION r '" ' ' '. ' 

It is an. object of the invention to provide methods and apparatus for the 

. authentication of revisions. 

In the inventions disclosed herein^ an'original document and a revised 
document derived from the original document are signed and notarized in such a way that the 
relationship between the original document arid revised document can be proved as' well as the 
origination of the revision and the time of the revision s notarization. 

In one embodiment of the invention, the original document is signed and 
notarized, then later the document is revised and the revision and its relationship to the 
original document are signed and notarized. In another embodiment, the original document ' 

and an automatically generated revision of the document are simultaneously sighed and 

rr>,:;- ::r:c:;i -jr* & ,r:: — ^ ; . - *<> u. br... ;< . ✓ vv — 

-notarized. This allows proof of authorship and the time of generation of an automatically 

generated .revision such as a lossy compression of information. 

Other alternatives and advantages of applicant's inventions will be disclosed or 
become obvious to those skilled in the art by studying the detailed "description "beT6>»* with 
reference to the following drawings which illustrate the elements of the appended claims of 
thejnyentions. t 



BRIEF DESCRIPTION OF THE DRAWINGS " ' " " ' " ' ' ; ' ' 

Figures la- Id shows a flow chart of a specific embodiment of the invention ft 

authenticating revisions., k ■ r . 

Figures _2a-2d shows another flow chart of another specific embodiment of the 

invention for authenticating revisions. 

• .<■ • :...:y;:c- - --w. :,:/; .?J[ a.; : .j;^ vr-v • .. r : - -[[hoi/- <>■ 

Fieures 3a-3c illustrate another flow chart of a specific embodiment of the 

invention for authenticating revisions. 

1 1 f Figure 4 shows a sample embodiment of the network system of the inv 

Fieure 5 provides additional details of the authoring stations of figure - 

^jgure 6 shows additional details of the secure server of figure 4. 

; . Figure 7 illustrates additional details of the notary ! s host of figure 4. 

Figure 8 shows a specific embodiment of apparatus to program the system of 



invention. 

; ; 4. 



, WO 99/35785 PCT/1B98/02120 

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT 
. , ; . Figures la- Id show a specific embodiment of the invention for authenticating 

revisions. Figure la shows a first group of steps 100 of the method in which software loaded 
in the.authpr's workstation, provides for creating and signing a digital document so that others 

5 . . . can authenticate the origin of the document. The author has a private key that can encrypt 
digital information and other parties have a public key that can decrypt the information. That 
is, the author has made the public key publicly available, for example, on a server where 
others who which to verify the origin of the report (e.g. that the author produced the report) or 
integrity of the report (i.e. that the report has not been changed since it was signed), can access 

1 0 the report and the public key. In this first portion 1 00 of the invention," in step 1 02, an author 
creates a report (digital document) using software loaded onto the workstation which is 
qonnected to a server in a network, and the author inputs a command to submit the report to 
the server. 

The report contains the type of information that someone may desire to prove 
15 originated from the author and has not been altered! In step 103, the author's workstation 

hashes the report using a specified 6ne : way hashing method. The advantage of a one-way hash 
is that it can not be reversed to decode the document, so that even if the document were 
confidential or private the hash would not have to be kept confidential. In step 1 04, the 
workstation encrypts the hash using the authpr^s private key (or privite key of the workstation) 
20 to form the author's signature, of the report. The purpose of the encryption is toprovide proof 
that the author is the originator of the report, and that the report has" not been altered by others. 
The encryption of the hash has nothing to do with keeping the data or the hash secret but only 
to prove integrity and origin. The report may include or be related to other information such 
.as the title, author's name, the workstation ID, the time of creation!'^ store 
25 the report, hash, and signature relationally in the workstation if desired. Herein, relationally 
just means that, the fact that the report is related to the hasb and signature and vice^rsa is * " 
also stored in the workstation. In step 106, the workstation sends (transmits) the authors 
identification, report title, report, and the author's signature for the report to a customers 
server. If the contents of the report are confident or private then 'a'seture connection is 
30 formed between the workstation and the server before the transmission and the server is a 
secure server!* In step 107, the server hashes' the report and decrypts the author's signature 
using the author's public key. Then the server compares the hash of the report to the'decrypted 
signature to verify that they match. If they match, the server knows that the signature and 
report are from the author (or at least someone with access to the author's private key) because 
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it was the author's public key that' decrypted the signature, and the server also knowsthat the 
signature and report have riot been altered since the author signed the report: In step 108, the 
server stores the report, the author's identification (ID), arid the author's signature relational^ 
in the server's storage. Again herein, stored relatiorially <6r with relation to) just means that, 
the fact that the related elements of information are' related is also stored-. 

In a next group of steps 1 10 in figure lb, the server obtains a time stamp for the 
report, and stores the time stamp' with relation r fo the report'. In step -1 12, the'server sends the 
author's signature to a notary's host system oveY the network: 1 Alternately, the notary could be a 
secure part of the hardware of the server, for example, a device with a private key that the 
owner of the server would not know or be able to discover withdiit destroying the device. ! 
Since the signature in not confidential, high" security is not required for signature transmission. 
In step 113, the host creates a time stamp containing the author's signature; receipt time, notary 
ID, sequence number, and customer tD. In step 114, the notary hashes'the tirrie stamp. In step 
1 15^ the notary signs the time stamp'hash using the notary's private key. In step 116, the notary 
stores the time stamp and the notary's 'signature Tor the report: In step'l 17, the notary transmits 
to the server, the time stamp and i£e Notary's signature. Also; one or more previous and/or 
subsequent time stamps may be sent in a package to the customer^ -server so- that by contacting 
the other customers identified in' the time stamps, the approximate time of the time stamp can 
be independently verified. In step IlS/iii ortfer to VeHf^ftie' ^cj^'s-'signal^e^the 5 server 
hashes the time stamp and decrypts the notary's signature Using the" notary's publiclcey. In step 
119, the server compares the results ar^ the time stamp is 1 verified. 

That is, the server knows that 'the time stamp aha notary's signature are from the notary and 
have not been altered. In step 120, the server stores the time Stamp; notary's- signature, and any 
previous and/or subsequent time stamps with relation tb'ttife f : _i 

' In the next group of steps 120 in Ti^iife 1 c, a revisbr (liumaii user) obtains a 
copy of the report (original document) for revision arid vfcrifies-its brigiri 'ahd integrity. In step 
122, the reviser requests the original report 'from the server. There are many ^ ; situations in 
which someone may need to revise a document, such as, t6 'Add additional materials or to 
correct errors. Preferably, the revisor tells the server that he' plans to revise the report and the 
server thereafter refuses to transmit the report to anyone else who asks for the report for 
revising the report (i.e. the report is locked out for revision until the revisor provides the 
revision or otherwise releases the lock). 'In step 123; the ; server sends the original report, the 
report time stamp and notary's signature to the reviser's wbrkstation. In step 124, the revisor's 
workstation hashes the time stamp and decrypts the notary's signature using the notary's public 
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, key to verify the notary's signature: ThaUs, ( if the hash and the.decryption of the signature 
? t match then the revisor knows that the notary's signature was produced by someone with access 
• to the notary's private key. and that the information in the time stamp existed when the 
signature was produced. Since the time stamp contains the authors signature and the time 
5 (including date) at which the notary's signature was produced, it proves that the author's 
, . signature existed at that time. Jn step, 126, the workstation hashes the report and decrypts the 

• authors signature (contained in the time stamp) using the notary's public key and compares the 
>. results to ."verify.-the author's signature, ThaHs, if the hash and the decryption of the author's 

Signature match then the report was signed by someone with access to the author's private key 
0 j^and that the report has not been changed smce it was signed. 

, , . in the final grouDpf steps 130 of. this first embodiment, in figure Id, the revisor 

: . creates ; a revision of the report an.d.the revision is digitally signed, securely stored, and 
- ; digitally notarized. In step 132, the reviser creates a revision of the ; report and inputs a 
■ ' command to submit the rwmap^l^fe^v.h step 133, the workstation combines the 
5 revision and the.previous }ime. stamp,, and hashes the combination.' The purpose for combining 

0 . the ;ime,stamp. w / ith the.revisjlon, before signing is to allow the relationship to the original 
■ document to be proved., Alternatively .or in addition to the time stamp, other information 
indicating the history ..of the revision could be combined with the revision, such as, the 

• , w signature of the,original,report, ( a hash^ of the original report, or the time stamp signature could 
20 . have been-included in.the combination. In step 134, the workstation encrypts the hash of the 

'< combination using the. re,visor's,(pr workstation's) private key to form the revisor's signature. 
. • , - The workstation may store the revision, the hash, and the revisor's signature if desired. In step 
. • -135 the workstation sends the revision, revisor's identification, revision title, and revisor's 

signature to the server. In step 136 the server combines the revision and the time stamp of the 
25 original repor^ hashes f the combinatioij^ and decodes the revisor's signature using the revisor's 

- ■ -nublic key, to verify the origin and integrity of the revision. In step 137, the server compares 
. . -the decrypted signature with the hash, and; if the resulting hash and the decryption of the 

revisor's signature match then the server knpws that the revision is from the revisor, the 

' ' - " JU ' ■ - ■' J:-'aT^;:; o * .* - .r . :•■ . •; i yo/iio^ ti. rr! // 

• revision-is based on the original report, and the revision and signature have not been changed 

30 since the revisor signed it. In step 138, the secure server stores the revision, revisor's ID, the 
title and the revisor's signature with relation the original report. In step 139, the server 
.« . : obtains r a time, stamp fpr the revisor's signature from the notary and stores the time stamp with 
relation to revision. This is the same time-stamping process as described above in steps 1 1 0 
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for the original report. After this, future revisions will, be made based on the most recent 
revision in a similar manner to document the history of revisions. 

, Figures 2a-2d show an alternative specific embodiment of the invention for 
authenticating revisions. In a first group of steps, 160 in figure 2a, the author creates an image 
and'transfers the image to a server which signs the image for the author and stores the image. 
In step 1 62, the author operates an imager to, create an image and initiates, submitting the 
image to_a sfecure. server. , The imager may be any equipment that produces an image such as a 
businessipage seanner, medical scanner (electro-cardiogram / angiogram, ultrasound imager, 
computerized axial tomography, magnetic respnance imager, X-ray scanner) or any known 
menthod of making: wages, and.the images may be. a video image and/or an audio image. In 
.step' 1 6%:the imager, transmits the .image toa secure server.oye^ a secure link. The 
transmissiqn-w^ 

number fop the. imager to facilitate, later access to, the image. In step 164, the server combines 
the imager, ©, or author ID with the miage and hashes the combination to produce an image 
: hash, alternately, the server may combine, a. s^am^erlD or author ID with a hash.of the image 
taprovideihe image hash, \yell known metoa^ofcom^^ appending the ID to the 

. image-hash or exclusive Oring the.ro^d.imageh^h.. Alterpately, the imager or author could 
haver specific, private/public password (key) ; .p^Jh^.C5)uld ( be.used.to PfPYf *e origination of 
. the.image.89 ^-imager ID or authprJE) would not haye.to.be combined with the image before 
hashing: In step 166, the server encrypts .the \4%ti&f4. <3 m #^°^^S. thf servers private 
: key (or author's.or imager!s..nrivat^ key&stoj^ jn_$g ?eive^.to^fonn. an .image signa^ire. In 
l S tep,167,ihe' server stpre§ Jhe imagp,4mager J[p v (pr..author rD), image sequence number for 
imager, the-image-hasb^and,^?^^!!^^ ^j^^^^l^nally. tj ;j . . . . , s , 

::1 i :.r. In the next group of steps 170 in figure,.2b, the server obtains a time stamp and 
, a*ime stamp signature, from; a notary for the ; image; In step. 172, the server establishes a 
.-.connection* with the notary'? host network, and.the server sends the server's, image signature to 
i the hostrln step;17.4, the hostcreates an image , time stamp containing the seiyer> image 
.f'signature-.the receipt time, the.nptary, ID,! the sequence number pf the time stamp (this is 
; different thanithe sequence number of .the image), and the server ID, Jn step.) 75, t^e host 
hashes the image time stamps and in. step. ,176, the host signs, the time^stamp hash using the. 
notary'srprivate ; key.rIh step .,177, the,host stores,the image time stamp, and.the notary's image 
. signature. In step.l78,.the host transmits an image certificate containing the im^ge time stamp 
and notary's image signature to the server.- In step 179, .the server hashes the image time stamp 
and decodes the notary's image signature using the notary's public key in order to verify the 
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integrity and origin of the timestamp arid the notary's signature. In step 180, the server Stores 
the notary's image certificate with relation io the image sequence numbers for the imager. 

n In the next portion of : steps 1 90" in figure 2c, the server automatically revises the 
image arid obtains a notarized tiirie stanip for the revision. In step 192, the server compresses 
the image into a lossy condensation. For example, a bit image is compressed unto a' bit-reduced 
image by JPEG compression, an audiS image is compressed Using IvEPEG-2 or Dolby AC3, or 
a video may be compressed xisiiig l MPEG-2. J In step' 194'/ the server stores the condensation 
with relation to the image seq'rieriire number for the imager and 'other related information. In 
step 196, the server' combines the condensation and the ribtary's image signature, for* example, 
by appending them together. In step 198'the server hashes the combination to produce the 
condensation hash. In step 199, the SfeiVerencrypts the condensation-hash td form the server's 
condensation signature, and m step 20K), tfie server stores tHe conderisatiori ; hash r and: server's 
condensation signature with relation tti thef condensation. W step 201 vthe server: obtains a 
condensation 'certificate (f.e. toridensatiotftiirie stamp and notary's condensation signature) 
from the notary for the server's coridbhsatioiv signature and stores tlie condensation certificate 
with relation to the condensation.^ server may delete -the 1 original' image to 

conserve storage space, biit bf coij^sethis me&s'ttiat a user could no longer prove, the creation 
date or origin of the original ifnage or thatHhe -condensation is a product; oflthe original image, 
"at least independently from the recOTdsTbf the secure r server. TheLdeletioh may be required 
because uncompresseci iriiages esjiecraliy ofVvideo, fnay require 100 times as^much, storage, as 
the fesulting compressed videb : , Mfsu8hWge ariiduntfc ^ available or 

affordabl^ by the cti^stoirier. AltemativeiyrtKe^ be ; archived oritqzemovable 

tape or optical media md kept : 6ff line orxveri serit f out-t6^16hg term storage. J 5 

. r ^ ^al set of step^ 

on a viewer and the stored ifhage is ptovided along" with : tfoth 'time stajrips^ and* both notary's, 
signatures, so that the vtewefcan verify the 1 bngin and certification ^ate' of. the.revision and 
'{hat at least according to the records in'the r secure server,* thfe revision is. a product of the 
original 1 image. In 'step '2 12, the user requests the condensed ifnage using »the viewer. The 
viewer miy be any equipment that allows thfe condensed image to be played to. the user. The 
viewer is not restricted'to visual'display arid may b^, for "example, aloud speaker playing an 
audio image/ In step 213, the server serids'the infage hash r the imaiger:ID^ the image- 
* cohderisation, both respective' time stamps' (one for the image arid one forithe compressed 
image) and similarly 'both of the notary's signatures io the viewer. In step 214, the. viewer 
hashes ihe cbndensation'time stamp and decrypts the notary ! s condensation signature using the 
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notary's public key in order to verify the digital time and o,ther information in the condensation 
time stamp. In steji 215, the viewer hashes the image time stamp and decrypts the notary's 
image signature using the notary's public key to verify the ijnage time : stamp. . In step 216, the 
viewer combines the condensation hash arid the notary's image signature and, hashes .the 
combination and in step 218 the viewer decrypts the t servers'? condensation signature and 
compares the decryption with theliash to verify the origin and integrity of the condensation. 
Also, the viewer may decrypt the- server's image signature; and compare, it ta the jm^ge hash to 
crOsk check the* refcords of the secure server regarding the imager IEX After boih time.stamps 
are verified/ttie viewer may compare the image itime stamp : time t wit£i the condensation time 
stamp time to verify that the times are very close. In step 218* the viewer decompresses the 
image. In step '220, the viewer displays the' decompressed image, imager ID or (author's ID), 
image suBmis^on time, and fcondensingLtime to the user.- 

* - • * Figures 3a-3c illustrate another .embodiment -of thp.invention wherein : a server 

aut^mati'cally'and immediatdly' compresses a videorupon receipt, and obtains one time stamp 
for r bbfo'the respective receipt -of the video andthe compression ,pf Jhe video. In a first grpup 
230 J b¥steps in figure 3 a, the video* isr^eatfed and transmitted to the^seryei:. Instep, 232, the 
^authdr-^ptrate^ttie video imager Xb create tbe.videa and to>submit : the video to , the server. The 
imager may be any etjuipmeht for creating .multimedia presentation such as a video camera 
and microphone. The video may include sound channels and other data as well as ; video 
: images'. Preferably; a title is also '(MalttdPltfstep^S^th^j^gQF;^ compresses the video for 
;i t^^l&fani^^ 9* another 

ir iI'inijjle J lossy 'coTTiprdssion-df m&fe preferably^by ado^less. .qompressionfinethods. In step 234, 
; the i^^^teh^^the^first cfa^ensaiori^fthe videos Theimager : may : also hash^er 
iilf&Miat^ 

' dekcrib^ed abcwe. Ih step 23^, the.imagereficrypts the hash with the imager's (or author's) - 
private key to^ign the video .-Th&iihager may store>the yideo, first compression, liash and 
"ihm^S Signature at leaist umil verific^atidh.Df receipt:is obtained frpm Ihe se^er.. In step 236, 

' th^iittk^^smits th^ Video -title; Trfst ^oiid&isation; and5signatore tp tbe> server. In step 238, 
ihe imagbr deletes'th'evideb to cbnserW storage; and later after ^receiving receipt of reception 
from the server, the' imager deletes first condensation. of the.yideo. Alternately, r the first ; 
! coridensatidn riiay be archived at the~imkger, hut generally dt, is more QQnA{eniei>t-to ,only 
archive the first condensation at the server as described belpw.. . •• : - - y* ; 
1 ; ! In a second set of steps 240, in figure 3b, the server receives, verifies, and stores 
the first condensation, second compresses the video, and obtains a time stamp and time stamp 
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: signature for the second compression firom a notary. In step 241, the server receives the first 
"condensation of the video.-imager'ssignature, title,.imager ID andpossibly other related 
information and transmits the receipt back to the imager., In step 242, the server hashes the 
' 'first condensation of the video arid decrypts the video imager's signature using the imager's 
5 public key and compares the decryption to the hash to verify the origin and integrity, of the , 
first condensation. In step 243, the server stores the title^ author's ID, imager's signature and 
the hash of first condensation relationally. In step 244,;immediately . after ,verification,,the 
••x— server second compresses- the videoto produce a. second. condensation. In step 245,. the server 
• '" ' archivesthe first condensation of the video- to cpnserye storage space and deletes, the first 
10' condensation from online storage. ' " •- -. ,-.>-•; . ; .• * . 
- ; In step 246; the server combines the, title, imager's p, author's p, imager's 

signature (or author's signature), and secondxcndensation and hashes the combination. In step 
' r 247, the server encrypts the- combination-hash using-.the server's private, key to form the 

■ server's signature for the second compressed.video. In step ; 248, the server; stores the second 
15'-- compressed video and the server's videorsignature relationally. with, the title and imager's . 
■ signature and related information; fci step 2S.0,,the server obtains a.time stamp, and notary's 
' : "sigriafure ^ni'th^'nota^fof:the«ei^eKstsign^urc, verifies the notary's, time .stamp jand 
r 1 signature, arid stores the no ' 
'•' cdhdensatibri. : ' : : - *$tj- '..«;.. - b."rt<:;b bauor ob.fi ~al '• ' • t {'. . \ .ir'y.r,-.':; '.->: • 
2 r o < • \. v:a . :c .in'^a-iinSd -g«>up: b£ stej>s;-2€0jfot-this emb^jnent, .in .figure, the yideo is 

" • requested; Verified and viewed'orca displayalnj step,262 : , Jhe wser at the.displayer requests the 
•- - * Video from the'server. In step 263jime;serYer_sends the imager ;HV : titl^ second condensation, 
" the notary's time stamp (containing fche set^er^csigngturek Wfl^$Pti&W&&9*- to the 
displayer: The hash of theitirst-condensation^arid the^videO; imager's signature, may, also be sent 
25 " iii order to cross check the origin of the, vid.eo : .:hi. step. 2.64,- the di>playe^ decrypts .the notary's 

• ' signature using the:hbtory!s public key, hashe.s;Jhe time stamp, and f qpmpares the results to 

verify the time stamp, -In Step 265, the displayer combines andhashes as.describ^d above to 
- '-form •tHe:secbnd-coftdenisation hashed 'd^iyRts-thejseryer> signature using, the, server's public 
key and compares the results-to verify the origin, and .integrity .of-the. secpnd condensation. The 
30 - displayer may also receivethe imager's signature;and ; the first condensation hash and then 

• decrypt'the imager's signature and compare the result to me first, condensation hash to cross 
check the records of the serverfor the origin of the first condensation. The displayer cannot 
independently verify the origin and integrity of the first condensation without obtaining a copy 
of the first condensation. In step 266, the. viewer (displayer) decodes the second condensation 



L5 also 
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to form the decompressed video. Finally! in step 267; the user views the video on the - 
displayer. The user may also be able to view other information about the video such' as the 
author' ID, imager's ED, the creation time of the second condensation, and notary's time stamp 
information. 

5 Figure 4 illustrates a network 300 of the invention In which r a multitude of 

computer nodes are connected together by a communications network of cables and' 
communications equipment 301, The network nodes include a local server 302 'and a notary 
303. A multitude of authoring stations 3()4-313 are connected through the communications 
network with the server, and a multitude of viewing stations 3 14-323 may also'be connected to 
1 0 the server through the communications network! The authoring stations have equipment for 
.. . creating .documents such as X-rays,' test data,' scans, video and audio images, multimedia 
presentations and apparatus for transmitting the documents to the server, for requesting 
documents from the server, and for revising such documents: The 1 viewing stations are 
primarily for requesting digital documents from the server and viewing the documents but may 

-i O ■J. < :- . • ■;>.. • _J -, - ; -- • , ± .... . . , ...... , 

' so have some limited facilities for revising the documents such as adding notes and 
,. comments, 

. In figure 5, additional details^ authoring statidn 304 in figured,- are shown. 
The authoring station includes a processor 3^2 ; such as a central' processing iihit (CPU) or an 
.embedded controller, cornmunicatingwhrj an electronic memory 353. The memory includes 
20 .programs^w^ich controi the operation o^W proVessor and buffers' for storing information- 
. receive^ through an input and/or output circuit' 3 54 aOQ^o^ aumbrihg station 
peripherals and for transmitting and receiving iriformation frorii other nodes of the network 
through IOC 355. Trie peripherals may' include^ ior example, keyboard '3^56; a pointer such as 
mouse 357, video camera 358, microphone 359, scanner 360; and disk'storage 361 . 
25 The memory includes program module ; 3 76 for interacting With a user to 

produce a document which is stored in buffer 371 , and to initiate' the process for sending the 
document to.the server. The memory inciudes progfarh mbdufe 372 to hash'the document 
using a one-way hash and to encrypt the hash" using a private' key 390 of the uset (originator) 
, or a private key 390 of the station to provide a digital signature for the 'document. 1 The memory 
30 may also include a module 373 to transmit the document along with the signature to the server. 
Program module 375 may be used to store the document, hash, and/or digital signature into 
storage 361. For video and audio imagesi'the memory includes a program module 376 to 
encode the video into a compressed form such as motion JPEG, or MPEG-2 video or more 
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preferably a lossless compression me.thod./and .to store the compression of the video as another 

.document in buffer 371... v 

. In the case where a. digital, signature is produced by the server, the authoring 
system may include module 377 for receiving the document signature! a time stamp, and a 
time stamp signature from, the server into buffer 371 and a module 378 to verify the signature 
and to initiate module 375 .to store the document signature, the time stamp, and the time stamp 

signature in storage 361, .. . -, y .. -r ( _ t 

v ,! The aumoring T St.ation may also be u.sed for revising documerits'to produce 

, revisions which may be returned to'the server. Program module 370 may be used by a human 
reviewer to request a .document from the server. Program module 379 negotiates the receipt of 
s the document and. related.tirne stamps and other information 'ironitte server, arid program 380 
authenticates the document. In pne^embodiment of i^e invent wn described' ^ 
to the document, the. revising station, receives "a tune stamp i (as Ascribed ^belbW) aida notary's 
signature. Module 380 include? apparatus 383 to hash the time stamp and decrypt trie notary's 
signature-using the notary's, public key 393 and module 384 compares"the results to verify the 
origin of the time stamp and verify that the contents' of the time stamp including the digital 
time.ftaye not. been altered. Then program 385 of module 380 hashes the document and 
decrypts the;, server's <pr author's) signature (contaKed'iri the time' stamp) and compares the 
.resuto^deterra^ 

has ; not beenxhange^ since it. was signed by t^^^ is a 

, reyisipn,^enthes^^ 

, dpqument, the server'sCor reyisinkau^ ™ d 
, notary's signature for. the original jdopurnent, and then module 385' can" again authenticate the 
time stamp,for the priginal. document and then decrypt the server's signature (contained n 
timeiStamp) and compare the results to the hash of th'e.origmal document' tVverify the origin 
the document. Also, in spme of the above emb^dirnents information such as the revisor*s ' 
• , signature. 0| r a previous notery;sJsignatars are combined with the document before and 
: . encrypting to -form the server's signature, and m those' cases module i 85 will have to compare 
- the decrypted signature with .a hash of the appropriate combination of such items. Then 
module 386 is used for. interaction with the user to revise the document. Module 384 hashes 
• the revision combined with the previous time stamp and" encrypts the hash'to form a revision 
document signature. Then the revision and revision signature may be stored, transmitted 
secured and verified in a manner similar to an original document. 
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- . In figure 6, additional details of server 302 in figure 4, are shown. The server 
includes a processor 402 such as a central processing unit (CPU) or an embedded controller, 
communicating with an electronic memory 403. The memory includes programs which control 
the operation of the processor and buffers for storing information received from the network 
and information being, transmitted onto the network through an input and/or output (I/O) 
circuit 404 (IQC). IOC 404 is for transmitting information to and receiving information from 
other nodes connected^ the network. The. server may be a gateway server, for example, 
connected tQ Ipcal clients through one IOC, in.a network and connected to other servers and/or 
remote clients in another, network through another IOC. IOC 405 is used for storing 
information onto disk storage 406, retrieves stored information, sending information to 
.archival storage device. 407, and;occasipnally for retrieving archived information. 

The memory includes program module 420 which copies documents between 
^jnfitwp^.^pQi^^of^uffet.^l l^ugh IOC 404. In some of the above embodiments, 
the server/receives a digitaljy signed document from an authoring station. In such case, 
program module 423 perforrns a one-way hash^n the document, decrypts the digital signature 
^dxompares thef^t^ ve^fy,^ %;.^q\p^.^ »?t be^ changed since it was digitally 
signediand that the origin of the ^o,c ; ument r is 1 ,c,QCTpct. In another of the embodiments above, the 
: server receiMes^ document whiqh is not signed .through a secure network. In such case, 
program module 423 hashes the document and encrvjtothe hash using .either the server's 
* private- key .or .the originator's (or authoring. s)tatign^) ; private ^ in this case is kept on 

the secure serv»*)oto- ai|oJherof the^bodjjmcnls^ ^visor corribmes^lie reyisjon with a time 
istampj time stamp hash^potar^ signature, h^§h_es the combination and encrypts the hash to 

- sigriithe revisionv5husr&e : reyLsion sijmature yej^es^notjust the origjn and integrity of the 
revision; but also identifies the original document from which the revision was. derived. The 
reviser then sends the revision and revision signature to the server. In such a case, module 423 
iih'the seryer.d^ciyptsthe reyisipn ^si^ature, , . combing th^ revision with the original document 

- time, stamp and any other in^ manner as the revisor, hashes^he 
Combination, r and cpm^ of the revisiion, origin of the original 
: dbcuments,/and;that the revision hjis not been- altered sinpe signing. 

j!J { In another^of th^abpveembqd^ 
and then module423 f may. combine th^jeyis^ origin of the 

^original document (a hash of the previous document, the previous authors signature, the 
previous time stamp, previous time stamp hash or the previous time stamp signature) and an 
indication of the origin of the revision (revisory ID, work station ID), hashes the combination, 
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and then encrypts the'naWO.e. slgWtfie document)- Using either the server's private key or the 

originator's private key. J 

In still another one of the above embodiments, the server, receives a document 
(if it is not signed 'then program 423 signs the document), and then ttio'dule 425 obtains a time 
5 stamp for the document." Then inoduie 420 automatically revises the document; hashes the 
combination of the original time stamp and the revised document,- and signs 'the hash. Then 
module 424 obtains another time stamp foV the' automatic revision 5 .'- '" ' •-' "■>■■ ' : 

' in' another of'me abov^'embodiments. moduie 422 red 

module 420 signs the documented if rib signature is received with the document), combines 
0 the revised document with identifying' information", and then module 422 'automatically revises 
the document, hashes the combination; and signs the hash. Then module 424 obtains a time 
stamp for ilie signature for tine automatic revision.- - - ' v 5 ; 

' "" After the document is sighed, program mbdule 425 sends the 'signature to a 

notary who creates atime stanip cdritairiin'g ; the server's signature^ server- ID, sequence number, 
15 ' andVdigitai time (including' date)V s'igns ' the' time stamp' (to produce time stamp signature) and 
' retums'the time stamp anVtt^ wnicii are received by module 420.- Then 

- module^4 ^ (usmg the' notary's public 

key) to verify that 'the time stamp is r froin : me identified Wary arid that the time stamp has not 
been changed since it was signed. " " • - >'■> 

to '* " " * 1 ' 11 ' " Vor revlse^^db^ space iriWanddm^acc'essi storage 406. 

(hard dislc, tSVd, CD-i&"$), program^ old -versions of documents onto 

^ rem6va%le J ccmputef^eaia (e!g! tape) whicfns ; removed fforri -the server,~in a process known 
a^arcruvmgi I'S responsible to have the 

archival ta£ loadedmto the' archMi^torage systern'407 and to- restore the required, files back 
25 onto the server. 

' ' * 'in figure 7, Wdltion^ r deWs''cf no'tary" r 3T03 -in figtir6'4, are- shown.* The notary 
includes a processor^ 452 such as a •central' prbcessirig^nit (GPU) or an embeddedrcontroller, 
' " ' corm^umcatm : g'wim : an-electromc'membry 453'; f The memory: includes programs which control 
the operation of the pfocesior^ and buffers for storing infbrmati6n:received from the network 
30 and information being sent onto the' network through an input and/of output (I/O) circuit 454 
' (IOCY rOC'454 is for transmitting information to and receiving -ihforrhation;from other nodes 
"'' 'connected to* the network. IOC 455 is used for storing the time stamps and. time. stamp 
signatures on disk 456. 1 
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The memory includes program module 470 for controlling the receiving of 
document signatures and transmission of time stamps and time stamp signatures:; When a 
notary signature is requested, program 470 copies the document signatures from,. the network 
into portions of buffer 471. After the time stamps ^nd notary's signatures are produced 
program '470 copies the time stamp and time stamp signature from portions, of buffer 471 onto 
the network. Program module '472 read's-the seiWs signature from the buffer, and creates a 
time stamp containing: the server's signature, the time that the- serter/s signature was received 
(in any time 1 foririat), k notary ID, arid a- sequence number. Then module 47.2 hashes the time 
stamp and dnc^pts t\i6 hasK with' the notary's privat^key to form a time stamp signature of the 
notary. TKeh mbdule 475 prepares a transmission of the4ime: stamp and<the, notary's signature 
and stored thecerti^cate transmission into buffer 47 hand initiates^module 470 to .transmit the 
'certificate of the notary back' to the customer. Pfogfam'module .474 also .copies the time stamp 
and time staihp Vign&ture through IOC 455 c orito hard disk drive 456 together as a time stamp 
signage record.' " ■'. - ' :i ^ ' r * c " m 1 ~ ~ " 

' ' l; ' 1 1 When veriflcatiori of the abtfiehtieity of a^tinie stamp signature is,requested, the 
request may provide eitherttie dbcWferit^i^hatti^B^the titae 'Stamp, the time stamp signature, 
"or tke s^udiice The notaiyHncli^ (time 

stamp and notary's signature) frdm stor^'gV45 6- arid-ma^ include module 477 for comparing 
the information provided in toevenficati6#^ the^eeprd and 

deter^imng whfeAfer the info^atibhlriatfiheSi Mbd0:le478 then^preparesfa transmissionjof the 
time stamp record and/or results of ttie%cft i ii|^ authenticate the information/and stores 
the response in buffer 471, and module 470 transmits the response. 

Figure 8 illustrates a programmable computer system 500 and various example 
apparatus for programming such programmable computer which are all well known in the art. 
The computer system may be programed either by connecting non-volatile memory (e.g. 
ROM, PROM, EEPROM, flash memory, battery backed SRAM) containing programmed 
structures to the programmable computer or by providing signals to the programmable 
computer which may be applied to memory of the programmable computer to provide 
programmed structures. Another computer system 501 such as an Internet server may be 
connected through a communication apparatus 502 to system 500 to provide signals for 
programming system 500. Apparatus 502 may include a copper or optic cable, radio, infrared, 
or network such as Ethernet, ARCnet, Token ring, or a modem and telephone system. A 
storage drive 503 may have integral media 504 and be removably attached to system 500 or 
drive 503 may be integral with system 500 and receive signals from removable computer 
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• .media 504. System 500 may include a user-interface.505 and program input module 506, and 

• written materials may. be provided. A user may input the signals using apparatus (not shown)of 
the user interface such as a keyboard, .text, scanner, microphone, camera or bar code reader. 
The signals provided to system 500 may : be copied to storage drive, 503 for later recall into 

5 volatile memory 507 of stored in non.-volatile memory 508 to provide programed apparatus in 
■memoryi Alternately the system may be programmed by providing prograrnmed^non-volatile 
' memory. System 500 may include; a .slot 509 into. : which a cartridge .5 1.0 containing non- 
volatile' memory such as a PC flash memory.car^may be cor^ecteo^to j?rpYide programed 
; apparatus. System 500 may include a socket 5 1 1 into which a nonvolatile package 5 1 2 may 
10 • be inserted^ provide. programmed app.ara.tus, System 5 0Q may be fabricated with non-volatile 
•i : integral memory 508 to provide; programmed apparatus. The programmed structures include 
programs and other datain memory .whicb^cqntrol. a micro-processpr^ 1 3 and I/O processors 
-' e.g. 4 14 of .the'prograrrn^able'CQmputer|o?implernent computer, processes. The computer 
system may be a workstation, modem, PC card, printer, or other software upgradable 
15- ' component. Other well knowri methods.of prQgraniming.arqQmputer system may also be used, 
t i.r,n:>r: - . r- : -The invention has been;described with reference to specific embodiments 
- including .me bestmode for carrying iOut the invention, and with rafficieqt^ajl.tiwt anyone 
- skilled in the art can make and use the inventipn. .Those skiUed in the. art may. modify these 
^ j - embodiments onprovidetQthej .emMdimerrt spirit of the. invention^ and thus, the 

20^ ^description does not limitthe : pEesent invention to. the ch^^ is 
'■" i limitedronly -by 1he, following appende^claims. -. . si . 
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1. A computer network (300), comprising: 

a user computer system (304, 3$0) providing user access to the network, 

inqluding: 

means (356-360 and 370) for providing an original document; 

means (372, 422) to produce a document signature from the driginal document; 

and 

means (355, 374) to transmit the original document signature; 
a secure computer system (303, 450), including: 

means (454, 470) to receive a document signature from the user system; 
means (4?2) to provide a time stamp containing the document signature and a 
digital time at which the document was received; and' 

means (473, 454, 470) to transmit the time stamp to the user system;' 
the user system further including: 

means (377, 355, 375, 384) to receive and store a time stamp for the original 

document; 

. . means (386) for revising the original document to produce a revised document; 

and 

means (387) to produce a revised document signature depending on the revised 

document; 

and in which the means (355,373) to transmit the document signature are 
.. adapted to. transmit the revised document signature; 

the computer network further includes means (377, 378, 424, 472, 476, 477, 
r 3 T 83, .384, and 485) to authenticate time stamps; and 

characterized in that the revised document signature also depends on the time 
stamp for the original document. 

2. The network of claim 1 in which the means to authenticate the time stamp, 

includes: . 

a private key (490) for encrypting data in the secure system; 
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a public key (491) capable of decrypting the data previously encrypted using 
the private key; 

means (472) to produce a time stamp signature from the time stamp using the 

private key in the secure system; 

means (473) to transmit the time stamp signature to the user system; 

means (383) to decrypt t^e time stamp signature using a public key on the user 

system; 

means (384) to compare the time stamp or a hash of the time stamp with the 
decrypted time stamp signature on the user system to determine whether the time stamp is 
authentic. 

^ The network of claim 1 in which the means to authenticate the time stamp, 



include: 

system; 
system;,. 



secure storage (456) for storing the time stamp on the secure system; 
means (425) to transmit the time stamp from the user system to the secure 

means (475) to retrieve the time stamp from secure storage into the secure 



means (476) to compare the retrieved time stamp and transmitted time stamp; 



and • . . ^ . . . . 



means (477) to transmit an authentication or authentication failure signal from 
the secure system to the. user system, depending on the comparison. 

4 The network of claim 1 in which the means to authenticate the time stamp 

include: f ^ 

means (472) to produce "a first time stamp signature from the tifhe stamp using ; 

private key in the secure system; 

means (470, 473) to transhiit the "time stamp 'and first time stamp signature to 

■ :w- :^ c-; ' v:r>o .": hs-a^L : t .: : ..-V - , ; - ; 

the user system; 

means to return the time stamp to the secure system; 

means (473) to produce, a second time stamp signature from the returned time 

stamp on the secure system; 

means to transmit the second time stamp signature to the user system; and 
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' !: means (383) to compare the ; first time stamp signature with the second time 
stamp signature to verity the authenticity of the time-stamp. - 

5. J 'The network of claim 1 in whisht <■■■ ' .;>".. 

the transmission from the secure server includes a previous time stamp and time 
stamp signature and a subsequent time stamp and time stamp signature, each time stamp 
including customer identification; ^a'; . : ; . - r * t, < _, ~ 
" - : '' the' user system stores the previous andsubsequent.time stamp and signature; 

and ''' • ' ' ' 

! - ■• r - ■ ' the means to authenticate : tKe time stamp are adapted to communicate with the 
dustomerldentified the subsequent time *famp-and; obtain a copy of the time stamp and time 
' s'iamp signature fromthe subsequent eus'tomef-/i r " •-^^ r >f _v- , 

5 • the' network of clainr I* in' which the means for revising the document 

automatically revises the document upon receipt of the document. , > s.. 

rfjfc !—.U y. -h VT-'i' ♦ .;i/LB' ! sf %> ti &ri->:Yv77 o; • :u 
•ij-<!> i:i ,,n -riz ^ e ne twork of clain*l m -Which the iiser computer system includesan 
authoring work station (350) for producing the document and a secure; server (400) for storing 
the docurnent, document signature; and documeiit time" stamp. ;>■..:■. 

8. A compiitef system f (304? 350), including: ' V. r ' > a t * - 

oyi? ;,:*r ^o^fo? ^p-roV-iain-g an'origmaL document; 

means (372, 422) to produce a document signature from the, original document; 
^triSans (386) for revising r; the^n^ihardocument to produce a revised document; 

ac---;.; u "i ' tw. 3-" f > wt''Y*.i ?rL r ::>•? ' r ' < ■ .•-•av, : : j • v • 

(387) to produce a revised document signature depending on the revised 



'arid 



means \ 



document; 

" c " J ' r v ' ! -'^hmcteriztfd'nV that'MireVised d^u^ent--signatureHu , so depends on the 
original document signature: ' ' ' : J '■' • '-- " : '' J ' J ■ ' 

^ ,:t . • - -, fne con^utersysterri <S04] -S'SO)- a^ela1medin:claim:8, including: 
' : ■ " Tr meanV(35'5,'374) to transmit we orTgraaTddcument signature*©. a secure 
computer system (3 03 , 450) for time stamping; 
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means (377, 355, 375, 384) to-receiye from the secure computer system and 
store a time stamp for the original . document; the time stamp containing the original document 
signature and a digital stamping time indicating when the time stamp was produced; and 

wherein the revised document signature depends on the digital stamping time in 
the time stamp fof the original document. <. , t 

10. A computer network comprising: , f :> :0 ^ . 

Y*t means (356-360<and;370) for an author to create,^! original document on a user 
accessible station; 

r ; - : means (355, 374) for transmitting the. original document to a secure server; 
; - .5 : . r . means (3:72, 422) for producing a signature for .the original . document; 

means (423) to use the signature for proving that the -.dpciunent has npt been 
altered and for identifying the user or station; 

r ;:::•> 't means (420, 422> for, transmitting the original document signature from the 

secure server to a notary; u !u>:_ v , v r : 

means (472) for providing a time stamp at the notary including the original 
i do'cMent signature and :a digital time indicating the time at which the signature was received 

'by the notary;^ - ; * ::-vrr;r.o r - ^n^.i - • ; r * - ^ . _y.. j t ;^-: 

means (470,r473),fQf i $r^srmjtting the time; stamp, tp the ^ii^erve^^ 
means (424) for verifying that the time stamp is authentic; . 
means (422) fpr ireylsing{the priginal .dpcyniept; ; , f , 
. -means (422) J for:prpduoingta signature for th^rr ? evised .document depending on 

- the 'revised doeument;;c .\ /ii-im-jor- i '^uh^r, m -r^*.;-.; 

i l-;. i\' t z \ :: -v. . .characterized in that r the signature; for r the reyised^ppiunent also depends on the 
original document whereby the fact that the revised document is a product of the original^ 
documentcan be^ verified, . . i-., _ \ - . ± : ^. [ - : ; ■ ^r-* ^ 

11.: ; * v- - ' A method of operating a.computer : network,;Cpmpri the steps of: 
providing an original document on a user system; . f _ , r 
producing a revised document depending on the original document; 
:...*. '■■ -i 'producing a revised, document sigriature^including. hashing the revised 

document to produce- a. document fingerprint and. encrypting the document fingerprint; 

transmitting the revised document signature from the user system to a secure 

computer system; 
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providing a time stamp for the revised document, the time stamp including the 
revised document signature and a digital time indicating when the tirrie^tamp was produced; 

transmitting the time stamp from the secure systeih to the user system, the time 
stamp including the revised document signature; 

determining whether the time stamp is authentic; and 

determining whether the revised document signature in the time Stamp is 
authentic depending on agreement between a decryption of the revised document signature 
and a hash of the revised document; 

characterized in that producing the document fingerprint includes hlashing the 
revised document together with information indicating that the revised document was 
produced from the original document and in that determining whether the revised document 
signature is authentic includes determining whether the revised document was produced from 

X : -\". l ''"> .TV-'.i '■ ^ f; j;- ' - r .- f f * { \ ..... . , 

the original document which includes hashing the revised document together with the original 
document indicating information to recreate the document fingerprint. 

12. The method of claim 1 1 in which the step of determining whether the time 

:• a ■ i . • . : t '/\.:cov- } 

stamp. is authentic, includes the steps of: 

-b . / ' . >. • ■ "... " -;,f- . , *' 

storing the time stamp in a secure storage of the secure system; 

transmitting the time stamp from the user system and to the secure system; 

comparing the time stamp from the user system with the time stamp in the " 

secure storage; . . . ' 

" ;! " ' v^ .p.! rr i /j to '3ii\o:<\L'- .; -j ~- v: -frisk- nouz.wx'l u - 

transmitting the results of the comparison to the user system; and 

determining whether the time stamp is authentic depending off the results of the 

comparison. 

13. . The method of claim 11 in which, the step of determining whether the time 
stamp is authentic, includes the steps of: 

providing a private key on the secure system; 

encrypting the time stamp to produce a time stamp signature on the secure 

system; 

* '--I , i.. ... )z . ; J- *>?,;-'• ■ -f-"r l t f ,. f . 

transmitting the time stamp signature from the secure system to the user system; 

transmitting the time stamp and time' stamp signature from the user system to 
the secure system; 
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encrypting the time stamp using the private key to produce a time stamp 

verification signature; 

comparing.the time stamp signature with the time stamp verification signature; 

and t ; 

determining whether the time stamp is authentic depending on tne results of the 

comparison. . , t . f . r r _ . 



1 4 The method of claim 1 1 in which, the step of determining whether the time 

stamp is authentic, includes the steps of: 

providing a private key on the secure system; 
... encrypting the time stamp to produce a time stamp signature using the private 

key on the secure system; , . 

transmitting the time stamp signature from the secure system to the user system; 

7 . *j ■.: - \ I . ! '.".ft.". / . V V. ' ' i :". 

providing, a public key for the private key on the user system; 
decrypting the time stamp signature using the public key; 
comparing the decrypted time stamp signature with the time stamp or the result 
of processing the time stamp; and 

determining whether the time stamp is authentic dependinjg on ihe comparison. 

1 5 The method of claim 1 1 in which the step of determining whether the time 

stamp is authentic includes: 

transmitting information identifying the customer of a subsequent time stamp to 

f .ur- : r: i-; ;i.^.;uc;rr;' , :o ^rf: to <-;I;:v>; *; n T^nir:* 

the user system; „ . . 

transmitting the time stamp for the revised document to the subsequent 

customer; 

communicating with the subsequent customer to compare the time stamp for the 
revised document with the time'stampfor the revised document transmitted to the subsequent 
customer. 

1 6. The method of claim 1 1 in which: 

producing the revised document fingerprint includes hashing the revised 
document together with information 1 indicating that the origin of the revised document; and 

determining whether the revised document signature is authentic includes 
determining whether the revised document is from such origin which includes hashing the 
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-revised document together with the : origin indicating information to recreate the document 
fingerprint 

, 17. . / The method of claim 1 1 in which the original document indicating information 
is dependent on the signature of the original document. 

18. . r The/method of claim 11 in, yhieh : the .original document indicating information 
is dependent on the origin of the original document. , 

19. The method of claim 11 in which: , r 

J ; r l the method further cpmprises r obtaining a time stamp for the original document; 

and - . . > "* . ifij.- v;-? :t;j * ' t \ 

the origin indicating information is dependent on a stamping time of time stamp 
for the original doqument. w : . ^ „ . 

20. The method of claim 1 1 in which: ( : . 
information indicating th^id^ti^y o/ the author of the revision of the revised 

document is included in theyhash^of tharey^ion^ and; tf . . : 

. : > j : L*; *:i:?r*.i .^determining whether the reyised^pciinient signature i? ^|ithentic includes 
hashingthe revised document w^ , . ^ r 

21. A method of revising a document, comprising;, . . , , ; , _ v , n _ ( 

] 2m r;.^trio »r, transmitting tbe dpcmm^ a time stamp signature 

;for th^doeumenfcfrom^^ ... , 

automatically using a public key of a notary for verifying that, the; time stamp 
and signature were^produced by the notary -listed in the time starnp^and that the time stamp has 
not been altered; - - ■ , ; : ... ; ... .. 

; '•; ; .-j. .-. -automatically; using- a public key of an originator for verifying that a document 
-signature in the time stamp were produced r by the, originator and, that the document has not 
been altered.since the signature was produced;-,.^ v 

revising the document depending on the verification; 

transmitting the revised document from the revisor accessible system to the 

secure server; 
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" ; using a ; private key of art originator of the revision to produce-a signature for the 
revised document; r 

transmitting the revised document signature to a notary; 

producing a revised* document time stamp containing the revised document 
signature and a stamp time indicitirig when the revised document signature was received by 
the notary; 

J - J; " usihg ^private key of th^ribtary to produce a signature for th^ revised 

document time stamp; Jt< ' ,f> r * : - * : ' r - * r \ 1 - : - " 0 

transmitting the time stamp and time stamp signature for the revised document 

back to the server; and ' : - : * 7 1 " 4 : 

* storing the revisbd document, the revised document time stamp and the revised 
document time stamp signature in a secure storage of the secure server. 

22. A method for automatically revising a document, Comprising: - • r 

transmitting an original document from an authoring system to a customer 

system; . : ' bi::v/ ii: f ' n: ' - - ^ <' 1 — 

* ! ~ J iL : "~ ' Jl stotin^ thW revised docifeerit in the customer system^ 

using a private lcey t6'pro r duce"a : signature for the revised documentlwith 
infdnhktidn for verifying Mttiie r r^ ofthe original document, was 

produced by ffie^ustoiriHr^&d' has v hot been ; changed sincenhe revision was. signed; , i 

transmitting the revised document signature from the customer system to an 
electronic notary system; ~- norr:c - ^oif-u^L z ;.rv ; - :yn : , ;r. /. 
r ' • : - r : 1 producing a ; time^ S 

document signatiiriErand^ a diglt^ document was received by the 

: 7 ; ' 1 1 : using a private key of the notary to encrypt the time^stampaojpr6duce a digital 
signature for the time stamp; .if..! 1 * 

;: * : 1 * 1 * stbrih'gtfie'time^^ 
• ' ' ; ; transmitting the 1 to 

storing the time stamp arid time stamp signature in the customer-system. 



\VO 99/35785 



.PCT/IB98/02120 




WO 99/35785 



pCT/I,B^8/p2120 



2/10 



120 



122- 
123- 
124- 

126- 



.1c 



132r 



133- 



134- 



135- 



136- 



137 



138 



.-139^ 



J" 



"1 



130 



r r 



FIG. 1d 



WO 99/35785 



PCT/IB?8#)2120 




^0*99/35785 



FCT/IB98/02120 




% PjCT/IB98/02120 




W099/3578S 



..PCT/IB98/Q2120 



262' 



263- 



264 



... • . ..*" ^ 



266 -\_ 
267 — |~~ 



6/10 



T 



260 




•. FIG. 3c 

r - '>i 




302 



LOCAL 
SERVEfi 



-301* 



COMMUNICATIONS 
'EQUIPMENT 





300' 



FIG. 4 



WO 99/35785 



PCT/IB98/02120 



7/10 



358 

L 

CAMERA 



359 



MICROPHONE 



'36a 



I: 



SCANNER- 



DISK 
STORE 



- : 1 
<r f 361 S 

J 

370 L 



374- 



377 h 



356 
J_ 
KBD 



354 



381 1 
• ,384 

379 



i 

« 



357 

L 

POINTER 



roc' 



. 352. _ 35„5„. 

dsr=i 



GPU' 



: j 



7TW 



IOC 



) i 



MEMORY 

•• • 1 



.371 



PROG 



PROG 



r? 







-It t i 








f 


fRQG 1 


3ft ):■, 



AUTHOR 
■PRWKEY 



PR6G 




•PROG 



TIM, Hi 

PROG~K 

utwl 




PUB KEY" 



<pr6g 



'PROG 



PROG 



ft 
"378 



PR()Gr 



PROG 



PROG 



NOTORY. 
PUB KEY 



PROG 



382 



•ft 

385 



PROG 



AUTHOR 
PUB KEY 



NET 
WORK 



372 
376 
380 
383 
393 

-391 



AUTHORING 
STATION 



350 




FIG. 5 



WO 99/35785 



PCT/1B98/02120 

: -v. v 




WO 9*9/35^85 



,9/10 



PCT/IB98/02120 



NET 
WORK 



470 



CO 474 



477 ; 



491 



454 



452 455 



CPU 



IOC 



MEMORY 



PROG 



BUF 




(NOTORY 




PRIVKEY 



"PROG 



PROG, 



RROp 



PR8& 



NOTORY 
PUB KEY 



478" 



PROG 



.J 



i of 



1^. 



HARD 
DISK 



TIME 
STAMP & 
SIGNATURE 



■490 
^473 



456 



450 




i 



CERTIRER 



WO 99^785 



->PCT/lBi98/02120 



- ;| 10/10 




' 1 * r 



r f SWr.A j 



THIS PAGE BLANK Cuspto) 



! -..:rA i , 



1 




TM^TT WORLD INTELLECTUAL PROPERTY ORGANIZATION 

X International Bureau 

INTERNATIONAL APPLICATION PUBLISHED UNDER T HE PATENT COOP ERATION TREATY (PCT) 



(51) International Patent Classification 6 : 
H04L 9/32 



A3 



(11) International Publication Number: 
(43) International Publication Date: 



WO 99/35785 

15 July 1999 (15.07.99) 



(21) International Application Number: PCT/IB98/02120 

(22) International Filing Date: 28 December 1998 (28.12.98) 



(30) Priority Data: 

09/002,098 



31 December 1997 (31.12.97) US 



(71) Applicant: KONINKLIJKE PHILIPS ELECTRONICS N.V. 
[NL/NL]; Groenewoudseweg 1, NL-5621 BA Eindhoven 
(NL). 

(71) Applicant (for SE only): PHILIPS AB [SE/SE]; Kottbygatan 7, 

Kista, S-164 85 Stockholm (SE). 

(72) Inventor: EPSTEIN, Michael; Prof. Holstlaan 6, NL-5656 AA 
Eindhoven (NL). 

(74) Agent: FAESSEN, Louis, M., H.; Internationaal Octrooibureau 
B.V., P.O. Box 220, NI^5600 AE Eindhoven (NL). 



(81) Designated States: CA, CN, JP, KR, Europear jpatent (AT, BE, 
CH, CY, DE, DK, ES, FI, FR, GB, GR, IE, IT, LU, MC, 
NL,' PT, SE). 



Published 

With international search report. 

Before the expiration of the time limit for amending the claims 
and to be republished in the event of the receipt of amendments, 

(88) Date of publication of the international search report: 

16 September 1999(16.09.99) 



(54) Tide: TRANSMITTING REVISIONS WITH DIGITAL SIGNATURES 



304 



AUTHORING 
STATION 



302 

± 



LOCAL 
SERVER 



313 



AUTHORING 
STATION 



301 



COMMUNICATIONS 
EQUIPMENT 



314 

± 



VIEWING 
STATION 



CERTIFIER 



300^ 



T 

303 



323 

± 



VIEWING 
STATION 



(57) Abstract 

i * ™ m nntPr network documents are produced, the document is hashed to produce a fingerprint, and the fingerprint is encrypted 
the original document. 



i .:-r- ; , . . . FOR THE FUHPOSESiOF INFORMATION ONLY ; 

Codes lised to identify States party to the PCT on the front pageS of^amphlets publishing- international applications under the PCT. 



AL Albania j 

AM Armenia 1 

AT Austria , 

AU "Australia * 

AZ Azerbaijan., ,, : 

BA. Bosnia and Herzegovina 
3.B ■,, Barbados 

BE . -.Belgium;. '., ,' r 

BF -Burkina Faso - 

BG Bulgaria 

BJ . .'Beriiri 

BR Brazil V 

BY Belarus 

CA . Canada; ■ -'; s 

CF ' ..' Central African Republic 

CG Congo • ■■ 

CH Switzerland 

CI . Cote^d/Iyqire '/^ ^ [ 

CM Cameroon 

CN China 

C CU;* . Cuba J = ; 

CZ Czech Republic 

~T>E - Germany 

DK Denmark 

EE Estonia 



ES 


Spain 


~LS 


Lesotho 


SI 


| Slovenia 


FI 


Finland 


LT.„ 


Lithuania 


SK 


Slovakia 


FR 


France 


LU 


Luxembourg 


SN 


] Senegal 


GA 


Gabon... _ 


LV 


Latvia 


sz 


Swaziland 


QB 


United Kingdom 


NfC" 


Monaco 


TD 


...Chad 


*' GE 


.Georgia • 


MD : 


Republic of MoWova 


TG 


Togo - 


GH 


Ghana ~ 


_„ MG 


Madagascar 


T j 


Tajikistan 


•* GN ' 


Guinea 


MK 


The former Yugoslav 


TM 


Turkmenistan 




Greece {w ... 




Republic of Macedonia 


■s: TR 


Turkey 


HU " 


Hungary 


ML 


Mali " - ' * ■ ;t 


:(-■ TT 


Vo Trinidad and Tobago 


■ IE ■ 


Ireland 


MN 


Mongolia .•'*«*.'. , • 


• UA- 


, Ukraine ., 


IL 


Israel 


"'mr : 


Mauritania " l " *' 


' UG 


- Uganda. 


IS 


'Iceland 


''V" ' 7 '' KtW 1 


Malawi *t . ' . - - 


: US.. 


t United States of America 


IT 


Italy- 


' ' MX ' 


Mex ico ' : 


uz 


- Uzbekistan 


< JP 


Japan 


NE 


Niger 


•VN 


; > Viet Nam 


KE 


Kenya 


' ' ' *nl' 


' Netherlands 


YU 


Yugoslavia 


KG 


Kyrgyzstan 




. Norway 


zw 


Zimbabwe 


KP 


Democratic Peopled 


NZ 


New Zealand ^ „',!.:" > 








■RepublicT)f-Korea- - — 


JL„ 


Poland ■ 1 ^ 






kR :,: 


Republic of Korea 


- if.-' 1 ' 1 >W/l . 


> ■■. Portugal' ; •-, ■ ; f 






KZ 


Kazakstan 


RO 


Romania 






LC 


Saint Lucia 


RU 


Russian Federation 






LI 


Liechtenstein 


SD 


Sudan 






LK 


Sri Lanka 


- - * SE 


Sweden - - - 






LR 


Liberia 


SG 


Singapore 







